I started with a list of sites in the top 1000 sites globally according to data at Alexa.com (a few have dropped out of the top 1000 since I collated the data set) and also used the Alexa data to work out the average number of daily pageviews per user. The next step was to look at Google's data on the number of infected pages and the total number of pages on the site, noting the date of last infection. From that I could work out an "infection likelihood" which is the probability of an average visitor coming into contact with malware during the period the site was infected.

What was surprising was just how clean these sites are looking (well, from a malware perspective). Last time some of the biggest sites had hundreds of pages infected, and now they appear to have virtually none. I've highlighted everything about 1% in red but note that the "riskiest" site (largeporntube.com) has been clean for a couple of months.

The results of my analysis are as follows:

Rank

Domain

Pageviews / User

Total pages

Infected

Date

Infection rate

Infection
likelihood

38

xvideos.com

11.7

89427

0

0.00%

0.00%

51

xhamster.com

10

11356

1

2013-07-01

0.01%

0.09%

66

pornhub.com

5.6

6235

0

0.00%

0.00%

88

xnxx.com

9.5

26082

0

0.00%

0.00%

95

redtube.com

5

9189

0

0.00%

0.00%

99

youporn.com

5.6

1675

0

0.00%

0.00%

103

livejasmin.com

2.4

502

0

0.00%

0.00%

162

tube8.com

3.9

12697

0

0.00%

0.00%

169

youjizz.com

4.7

1385

0

0.00%

0.00%

227

hardsextube.com

3.3

71817

0

0.00%

0.00%

268

dmm.co.jp

9.2

1245

0

0.00%

0.00%

275

beeg.com

4.9

873

0

0.00%

0.00%

326

motherless.com

14.8

3196

4

2013-06-24

0.13%

1.84%

393

drtuber.com

2.8

1420

0

0.00%

0.00%

438

myfreecams.com

4

148

0

0.00%

0.00%

453

cam4.com

6.3

889

0

0.00%

0.00%

462

adultfriendfinder.com

7.8

241

0

0.00%

0.00%

464

bravotube.net

2.6

1098

0

0.00%

0.00%

502

ixxx.com

3.4

438

5

2013-09-05

1.14%

3.83%

528

chaturbate.com

14.7

2725

0

0.00%

0.00%

578

nuvid.com

2.8

884

0

0.00%

0.00%

588

spankwire.com

3.3

1182

0

0.00%

0.00%

591

porntube.com

2.9

734

0

0.00%

0.00%

595

pornerbros.com

1.9

946

1

0.11%

0.20%

607

largeporntube.com

3.2

5750

160

2013-07-20

2.78%

8.63%

676

yourlust.com

2.7

1224

0

0.00%

0.00%

697

4tube.com

4.3

1337

0

0.00%

0.00%

699

keezmovies.com

3

669

0

0.00%

0.00%

707

pornhublive.com

2.3

30

0

0.00%

0.00%

768

xhamstercams.com

1.8

5

0

0.00%

0.00%

780

h2porn.com

1.8

2193

1

0.05%

0.08%

800

4chan.org

26.7

218

0

0.00%

0.00%

804

video-one.com

13.7

1143

0

0.00%

0.00%

825

xtube.com

12.1

805

0

0.00%

0.00%

830

sunporno.com

2.7

360

0

0.00%

0.00%

848

porn.com

4

1281

0

0.00%

0.00%

864

perfectgirls.net

5.4

1958

5

2013-09-05

0.26%

1.37%

883

nudevista.com

8.7

2088

1

2013-08-03

0.05%

0.42%

931

redtubelive.com

2.8

33

0

0.00%

0.00%

942

alphaporno.com

1.9

10472

32

2013-07-21

0.31%

0.58%

1065

videosexarchive.com

3.8

5183

0

0.00%

0.00%

1238

hellporno.com

3

331

0

0.00%

0.00%

1382

watchmygf.com

1.3

11

0

0.00%

0.00%

1806

ah-me.com

2.7

235

0

0.00%

0.00%

So, what is going on? Have these sites cleaned up their act? Well, it
certainly looks like there has been an improvement (despite the reported
infection at xvideos.com above).

Over 46,000 people looked at my previous blog post on the topic, and it was covered by some major news outlets [1][2][3][4][5]. Reaction was varied, and many porn site operators flatly denied the problem despite the Google statistics indicating otherwise.

So perhaps shining a light on the problem helped to clean it up. Perhaps the spike in malware was a temporary glitch. Perhaps the malware operators are better at hiding what they are doing. I suspect that it is a combination of all three.

Despite the apparent cleanup of these sites, my advice is that you still need to exercise caution. It is
very important to make sure that your system is fully patched (you can
use Secunia OSI to check if you have a Windows PC), and a combination of Firefox + NoScript is
very good at locking down your browser (note that this isn't really for
novices). Logging in as something other than an administrator can also
help to reduce the impact of malware, and of course a good and
up-to-date anti-virus or security package is essential. In addition,
Google's Chrome browser is pretty good at picking up malicious sites, and the most dangerous browser to use tends to be Internet Explorer. And if you have Sun's Java platform installed on your system I would strongly recommend that you remove it as that it currently the most popular way of getting your machine infected.